[stunnel-users] Connecting stunnels
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Thu Mar 31 16:26:02 CEST 2016
On Thu, 2016-03-31 09:39:49 -0400, Carter Browne wrote:
> A single instance of stunnel can be a server or a client depending on
> the settings. For this configuration, you would want host3 to be a
> server not a client.
> Thus, you need the intermediate port on server2 to server as both a
> client and a server:
>
> In your configuration files you would need:
>
> Host1:
> [secure_telnet]
> accept = local:23
> connect = host2:host2port1
> client = yes
>
> Host2:
> [incoming_telnet_relay]
> accept = host2:host2port1
> connect = local:host2port2
> client = no
>
> [outgoing_telnet_relay]
> accept =local:host2port2
> connect = host3:host3port1
> client = yes
>
> Host3:
> [incoming_telnet]
> accept = host3:host3port1
> connect = local:23
Carter,
What's the advantage of this setup over a direct connection from Host1
to Host3?
Host1:
[secure_telnet]
accept = local:23
connect = host3:host3port1
client = yes
Host3:
[incoming_telnet]
accept = host3:host3port1
connect = local:23
client = no
If e.g. Host3 isn't directly reachable from Host1, a simple port
forwarding (without decryption and re-encryption) on Host2 would
suffice.
Ludolf
--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
More information about the stunnel-users
mailing list